<?php
$notIncludeLogin = true; 
require_once '../classes/includeAll.php';

$error = false;

if(isset($_POST["submit"]))
{
  $username = filter_input(INPUT_POST, "user");
  $pas=  filter_input(INPUT_POST, "password");
  if($pas== null || $pas == false)
    $pas = "";
  
  if($username != null && $username != false)
  {
    require '../resources/getConnection.php';
    $cryptPas=  EncryptPw($pas);
    $userClass = new users($connection);
    $userInformation = $userClass->GetUserByName($username);
    if($userInformation != false && $userInformation[4]==$cryptPas)
    {
      session_start();
      $_SESSION["id"]=$userInformation[0];
      $_SESSION["isAdmin"]=$userClass->IsAdmin($userInformation[0], -1);
      $connection->disconnectDB();
      if(isset($_SESSION["caller"]))
        header("Location: ".$_SESSION["caller"]);
      else
        header("Location: index.php");
    }
    else
    {
      $error = true;
      $connection->disconnectDB();
    }
  }
}

$title="Login";
$head ='<link rel="stylesheet" type="text/css" href="../design/css/login.css">';
$noMenu=true;
  require '../menu/head.php';?>
<div id="login">
  <h1>Anmeldung</h1>
  <?php if($error) {echo '<p id="loginError">Benutzername oder Passwort falsch!</p>';}?>
<form name="login" action="login.php" method="POST">
  <table id="loginTable">
    <tbody>
      <tr>
        <td>Benutzername:</td>
        <td><input type="text" name="user" value="<?php if($error){echo $username;} ?>" /></td>
      </tr>
      <tr>
        <td>Passwort:</td>
        <td><input type="password" name="password" value="" /></td>
      </tr>
      <tr>
        <td><input type="submit" value="Anmelden" name="submit" /></td>
      </tr>
    </tbody>
  </table>
</form>
</div>
<?php 
  require '../menu/footer.php';
?>
